Securing the Connected Car Steps Up a Gear

“Here in my car, I feel safest of all …” That line from Gary Numan’s hit single, ‘Cars’ sums up the way many of us feel when we’re driving: safe and protected in the privacy of our vehicles. But cars are increasingly connected to the outside world. Features that were once only available on premium luxury brands are now available across manufacturers’ model ranges, in basic city cars. These features include Bluetooth connectivity for pairing mobile phones, GPS navigation, 4G wifi hotspots, collision avoidance systems, remote diagnostics and more. In fact, with these capabilities, cars are rapidly becoming data networks on wheels.

The production of new cars equipped with data connectivity, either through a built-in communications module or by a tether to a mobile device, was forecast by Gartner to reach 12.4 million during 2016, increasing to 61 million in 2020 – representing nearly 70% of all cars shipped globally. This external connectivity is also mirrored in cars’ control systems, with even basic vehicles now using multiple electronic control units containing millions of lines of code, controlling all aspects of the car from engine management, to the brakes, steering and entertainment systems. But as development of the electronically controlled, connected car, sped up, security was left behind.

Over the past couple of years, researchers have repeatedly demonstrated how connected cars can be hacked and controlled from afar – in particular in 2015 when two white-hat hackers remotely took control of a Jeep Cherokee. This incident prompted Chrysler to recall 1.4 million vehicles. While a malicious cyberattack on a vehicle has yet to take place, the potential danger is real – so much so that the FBI, Department of Transportation, and National Highway Traffic Safety Administration issued a memo warning of the dangers to connected vehicles – including hackers disabling a vehicle’s brakes or steering, shutting the engine down, or manipulating other on-board systems. The report states, “These cars have become moving endpoints which continue to stay defenseless. Their mobility and distinct entry points pose significant difficulties to protect them. Just imagine trying to guard a moving castle which has to allow visitors in from several different avenues.”

To address this increasingly complex challenge, Check Point, HDBaseT Alliance and Valens are revving up their engines and joining forces to develop the best solution for protecting connected cars. Today, we announced that we are joining HDBaseT Alliance’s Automotive Working Group to define new cyber-security industry standards and co-develop solutions for the next generation of connected automobiles.

Check Point will lead the Cyber Security Working Group, and Valens, inventor of HDBaseT and HDBaseT Alliance founder, will play a central role in the collaboration to accelerate design and development of these requirements. Argus Cyber Security, the world’s largest independent automotive cyber security company, is also joining the Alliance, and will be the first company to join the Cyber Security Working Group.

Issues that the working group will address include: how to guarantee the connected car’s robust network configuration and segregation, firewalling, security level ranking, and securing external communications and 3rd Party solutions.

While in-vehicle connectivity continues to advance, and new technologies become available, we must address the advanced cybersecurity risks they pose. Security for the connected car is no longer optional, it’s a lifesaver – for drivers, other road users and pedestrians too. By joining the HDBaseT Alliance, we intended to steer the design of the best security solutions for today and tomorrow’s car industry, to be one step ahead of automotive threats – delivering security that moves even faster than hackers can.